DeleGate is a multi-purpose application level gateway or proxy server that mediates communication of various protocols, applying cache and conversion for mediated data, controlling access from clients, and routing toward servers. It translates protocols between clients and servers, converting between IPv4 and IPv6, applying SSL (TLS) to arbitrary protocols, merging several servers into a single server view with aliasing and filtering. It can be used as a simple origin server for some protocols (HTTP, FTP, and NNTP).

LEAF is a secure, feature-rich, customizable embedded Linux network appliance for use in a variety of network topologies. Although it can be used in other ways, it's primarily used as a Internet gateway, router, firewall, and wireless access point.

Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, Cisco routers, Snort, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG or NFLOG target.

The TIS Firewall Toolkit is a software kit for building and maintaining internetwork Firewalls. It is distributed in source code form, with all modules written in the C programming language and runs on many BSD UNIX derived platforms.

fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.

FrazierWall Linux is a single floppy distribution Linux firewall that is based on the Linux Router Project. It is designed for use with ethernet base internet connections (such as cable modems or xDSL lines). It allows you to share such a connection with several other computers on a LAN. It is easy to setup and maintain, and is available in a Linux configurable software version.

XOTcl provides a highly flexible, reflective, component-based object oriented environment that integrates language support for high level object oriented concepts (which are not found in other languages) with reasonable performance. XOTcl is an extension of TCL and was derived from the impressive OTcl language developed by D. Wetherall and C. Lindblad at MIT in 1995 and extended in various ways. XOTcl's language constructs explicitly aim at the complexity in a component gluing layer that is not solved by traditional object orientation in the style of C++ or Java.

Astaro Portscan Detection is a netfilter target which will attempt to detect TCP and UDP port scans and log them to syslog. This target is based upon Solar Designer's scanlogd. It suppports mutliple levels of logging, custom prefixes for entries, weighted total port scan detection, and port scan temporal spread detection.

Harm acts as a four-way socket redirector that allows you to effectively make a
TCP connection from the Internet to a host behind a Linux masquerade-style
firewall. The server (behind the firewall) makes connections to the client (on
the Internet). After a successful connection, it will bounce packets from a
telnet client (Windows and Linux) to the Harm client, to the Harm server (Linux
only), or to the telnet daemon behind the firewall.